Routing based request correlation

ABSTRACT

Aspects of the disclosure will be described with regard to the processing of DNS queries by a DNS service based on multiple network addresses associated with a single network entity (e.g., a service provider). The DNS service may respond to each DNS query for identifying network addresses associated with the service provider with a respective unique network address from a pool of network addresses. Based on the uniqueness of network addresses, DNS queries and subsequent communications between respective client computing devices and the service can be correlated.

BACKGROUND

Generally described, computing devices and communication networks can be utilized to exchange information. In a common application, a computing device can request content from another computing device via a communication network. For example, a user at a personal computing device can utilize various types of software applications to request information from server computing devices via the Internet. In such embodiments, the user computing device can be referred to as a client computing device and the server computing device can be referred to as a service provider.

Service providers are generally motivated to provide requested content/services or access to requested content/services to client computing devices with consideration of cost and user experience. For example, service providers often consider performance factors such as latency of delivery of requested content in processing client computing device requests (e.g., as measured from an initial Domain Name System (DNS) query to a completion of content retrieval or rendering) in order to meet service level agreements or to generally improve the quality of delivered service. However, traditional network routing methodologies limit the service provider in providing DNS request routing services and pose difficulties for performance assessment based on correlations between DNS queries and subsequent communications.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrative of an environment for the management and processing of DNS queries related to a service provider;

FIG. 2A is a block diagram of the environment of FIG. 1 illustrating the processing and resolution of a first DNS query for the service provider with a first unique network address;

FIG. 2B is a block diagram of the environment of FIG. 1 illustrating the processing and resolution of a second DNS query for the service provider with a second unique network address;

FIG. 3 is a block diagram of the environment of FIG. 1 illustrating the correlation between DNS queries and subsequent communications based on unique network addresses; and

FIG. 4 is a flow diagram of a DNS query processing and correlation routine implemented by the service provider.

DETAILED DESCRIPTION

Prior to retrieving content or accessing a service from a network-based service provider (e.g., a Web site or Web service application programming interface (API)), client computing devices may need to submit DNS queries for identifying network addresses associated with the service provider. A DNS query originating from a client computing device may be forwarded, relayed, or re-generated by one or more intermediate DNS resolvers between the originating client computing device and a DNS service (e.g., a DNS name server) authoritative for resolving the DNS query. Accordingly, the DNS service may not have information regarding the client computing device from which the DNS query originated. Once DNS queries are resolved, subsequent communications between the corresponding client computing devices and the service provider may be based on requests transmitted from the client computing devices to the service provider directly or via a different type of intermediary (e.g., a proxy server). As a result, it may be difficult to correlate DNS queries with their corresponding subsequent communications based on traditional network routing methodologies.

Generally described, the present disclosure is directed to processing DNS queries based on multiple network addresses associated with a single network entity. Specifically, aspects of the disclosure will be described with regard to the processing of DNS queries for identifying network addresses associated with a service provider, resolution of individual DNS queries with correspondingly unique network addresses associated with the service provider, and correlation between DNS queries and subsequent communications between respective client computing devices and the service provider based on the unique network addresses. In accordance with an illustrative embodiment, a DNS service associated with a service provider makes available a pool of network addresses (e.g., Internet Protocol Version 6 (IPv6) or Internet Protocol Version 4 (IPv4) addresses) for identifying one or more network interfaces of the service provider. The size of the pool can be sufficiently large (e.g., including thousands or millions of distinct network addresses) so that during a certain period of time (e.g., an hour, a day, or a week), a unique network address can be selected for resolving each DNS query for the service provider without reusing any previously used network addresses.

Illustratively, in response to a DNS query, the DNS service may select a unique network address from the pool and associate it with the service provider. The DNS service then resolves the DNS query by transmitting a reply that includes the selected network address. Subsequently, the service provider obtains and processes a content or service request directed to the unique network addresses from a client computing device. Due to the uniqueness of the network address, the service provider may then correlate various performance metrics associated with the DNS query and the subsequent content or service request. For example, the service provider may link log entries of DNS processing and subsequent communication processing based on a same unique network address. Accordingly, the service provider may conduct performance analysis with correlated processing information of the DNS query and subsequent request, and develop request routing or processing strategies to further improve network-based service performance such as latency, reliability, cost, or efficiency. In some embodiments, the uniqueness of network addresses is based at least in part on a time period (e.g., a wait time) during which a network address utilized for responding to a DNS query cannot be reused for responding to any subsequent DNS queries. The time period can be determined based on statistics of active client sessions. In some embodiments, the pool of available network addresses can be adjusted based on a change of volume in DNS traffic, a confidence requirement for the correlation of DNS queries and subsequent requests, or other criteria defined by the service provider.

Although various aspects of the disclosure will be described with regard to illustrative examples and embodiments, one skilled in the art will appreciate that the disclosed embodiments and examples should not be construed as limiting. For example, although aspects of the disclosure will be described with regard to a DNS service, one skilled in the relevant art will appreciate that aspects of the disclosure may be implemented by various types of services related to network-based request routing or that a service provider implementing aspects of the disclosure is not required to have the specific components utilized in the illustrative examples.

FIG. 1 is a block diagram illustrative of an environment for the management and processing of DNS queries for identifying network addresses associated with a service provider. As illustrated in FIG. 1, the environment 100 includes a number of client computing devices 102 (generally referred to as clients) for communicating, directly or indirectly, with a service provider. In an illustrative embodiment, the client computing devices 102 can corresponds to a wide variety of computing devices including personal computing devices, laptop computing devices, hand-held computing devices, terminal computing devices, mobile devices, wireless devices, various electronic devices and appliances and the like. In an illustrative embodiment, the client computing devices 102 include necessary hardware and software components for establishing communications over a communication network 108, such as a wide area network or local area network. For example, the client computing devices 102 may be equipped with networking equipment and browser software applications that facilitate communications via the Internet or an intranet.

As also illustrated in FIG. 1, each client computing device 102 communicates with or otherwise utilizes some type of DNS resolver 103, such as a DNS name server, that generates, forwards, or relays the DNS queries that originated from or are otherwise attributable to the client computing device. In one embodiment, the DNS resolver 103 may be provided by an enterprise network to which the client computing device 102 belongs. In another embodiment, the DNS resolver may be provided by an Internet Service Provider (ISP) that provides the communication network connection to the client computing device 102.

With continued reference to FIG. 1, the environment 100 can further include a service provider 104 in communication with the one or more DNS resolvers 103 and the one or more client computing devices 102 to resolve DNS queries transmitted via the communication network 108. The service provider 104 illustrated in FIG. 1 corresponds to a logical association of one or more computing devices associated with a network-based service provider, such as a content or storage service provider. Specifically, the service provider 104 can include a Web service 112 corresponding to one or more server computing devices for obtaining and processing requests for content (such as Web pages) or for services (such as data uploading or downloading) from the client computing devices 102. In some embodiments, the Web service 112 may include or be associated with a content delivery network (CDN) service, which may further include a number of Point of Presence (“POP”) locations that correspond to nodes on the communication network 108. Each POP may include a respective resource cache component made up of a number of cache server computing devices for storing resources of the service provider 104 and transmitting various requested resources to various client computing devices.

As further illustrated in FIG. 1, the service provider 104 can also include a DNS service 118 that is operative to receive DNS queries for identifying network addresses associated with the service provider. Illustratively, the received DNS query may include registered domain names associated with the service provider. The DNS service 118 may include one or more DNS name servers authoritative to resolve DNS queries corresponding to the registered domain names of the service provider 104. A DNS name server is considered to be authoritative to a DNS query if the DNS name server can resolve the query by providing a responsive IP or other applicable network address. In some embodiments, at least a portion of the request routing functionality of the DNS service 118 can be provided by another service provider or system. One skilled in the relevant art will appreciate that the service provider 104 can be associated with various additional computing resources, such as additional computing devices for administration of content and resources and the like. Additionally, the components of the Web service 112 or the DNS service 118 may be geographically distributed throughout the communication network 108 in a manner to best serve various demographics of client computing devices 102. Still further, although illustrative components have been described with regard to the service provider 104, the service provider may have any configuration of components associated with one or more domains addressable on the communication network 108. One skilled in the relevant art will also appreciate that the components and configurations provided in FIG. 1 are illustrative in nature. Accordingly, additional or alternative components and/or configurations, especially regarding the additional components, systems and subsystems for facilitating communications, may be utilized.

With reference now to FIGS. 2A, 2B and 3, the interaction between various components of the environment 100 of FIG. 1 will be illustrated. For purposes of the example, however, the illustration has been simplified such that many of the components utilized to facilitate communications are not shown. One skilled in the relevant art will appreciate that such components can be utilized and that additional interactions would accordingly occur without departing from the spirit and scope of the present disclosure.

In accordance with aspects of the present application, the client computing device 102 can access one or more computing devices or services associated with the service provider 104 by utilizing a resource identifier, such as uniform resource identifier (“URL”), which is generally referred to as a service provider URL. Illustratively, the service provider URL may have the following form:

-   -   http://additional_information.services.serviceprovider.com/extra_information

In the example above, the service provider URL can include identifications of a domain (e.g., “serviceprovider.com”) that will be used to access the service provider resources. Additionally, the service provider URL can also identify one or more specific types of devices or services (e.g., “services”) associated with the identified domain. Further, the service provider URL can include other information or identifiers (e.g., “additional_information” or “extra_information”) that can be utilized in the processing of content or service requests. For example, the additional or extra information may identify a requested resource, indicate associated geographic preference, or specify service requirements or restrictions, etc. In some embodiments, such information can also be utilized for the determination of a corresponding unique network address.

FIG. 2A is a block diagram of the environment 100 of FIG. 1 illustrating the processing and resolution of a first DNS query with a first unique network address associated with the service provider. In accordance with one embodiment, at (1), a first client computing device 102 a issues a DNS query for identifying a network address associated with the service provider 104, for example, as represented by a service provider domain “serviceprovider.com”. Illustratively, the first client computing device 102 a, through a browser software application, issues the DNS query to an associated DNS resolver 103. On behalf of the client computing device 102 a, the associated DNS resolver 103 then issues a DNS query for the service provider domain that first results in the identification of a DNS server authoritative to the “.” and the “com” portions of the domain. After partially resolving the domain according to the “.” and “com” portions of the domain, the DNS resolver 103 then issues another DNS query to the DNS service 118 for resolving the “.serviceprovider” portion of the domain.

As illustrated in FIG. 2A, at (2), the DNS service 118 obtains the DNS query and can resolve the DNS query by providing a first unique network address, such as an IP address, of a component for providing the client requested content or service. For example, the DNS service 118 may select an IP address from a pool of IP addresses associated with the Web service 112 that can provide a requested Web page or service. In an alternative embodiment, the DNS service 118 may also provide alternative identifiers, such as unique canonical names (“CNAMES”) that can be used to refine request routing processing, which would later result in a subsequent DNS query identifying a network address associated with the service provider 104.

Each network address within the pool can be associated with metadata indicating a status or attributes associated with the network address, and the selection of the first unique network address can be based on the metadata. For example, the metadata may indicate whether or when a network address was previously selected for resolving a DNS query, a wait time before a network address can be reused, geographic or network topology preferences or restrictions, content or service types supported, etc. In some embodiments, the wait time for reusing any network address in the pool after its previous use is predetermined. For example, the wait time may be 24 hours, or may correspond to a multiple of average session length where a client interacts with the service provider. In some embodiments, the wait time for reusing a network address can be based on subsequent client actions, such as client content or service requests, directed to the network address after its assignment to the resolution of a previous DNS query. For example, an extended period of inactivity from the client may indicate that the wait time is over or can be shortened.

In some embodiments, the DNS service may determine a confidence level quantifying the uniqueness of a selected network address for correlating the current DNS query and subsequent communications from a client where the DNS query originated. The confidence level can be a function of pool size, DNS query traffic, network address reuse frequency, attributes included in the metadata associated with the selected network address, or information (e.g., a time when the DNS query was issued, a location of the DNS resolver that transmitted the query, associated type of content or service, or the like) associated with the current DNS query. Various statistical models can be employed for generating the confidence level based on the data described above. If the confidence level exceeds a threshold, the DNS service 118 may determine that the selected network address is sufficiently unique and thus may be used to resolve the DNS query.

At (3), the DNS service 118 can resolve the DNS query based on the selected first unique network address. Illustratively, the DNS service 118 may generate a response to the DNS query including the selected network address, which may correspond to a network interface or other component of the service provider 104. Additionally, the response can include metadata, such as an expiration time, associated with the network address. In some embodiments, the expiration time may correspond to a time-to-live (TTL) in accordance with certain DNS protocol. The expiration time is set to be shorter than an associated wait time in order to avoid miss-correlations of requests across different reuse time periods. For example, the returned information may indicate that the network address will expire in 23 hours, while the wait time to reuse the network address for responding to another DNS query may be 24 hours. Accordingly, the one hour cushion time may reduce the likelihood that requests are miss-correlated across two consecutive reuse time periods. The DNS service 118 may transmit the response to the DNS resolver 103, which in turn may forward the DNS resolution information back to the requesting client 102 a. The DNS service 118 may record all the timing, status, events, exceptions, resource consumption, or other performance data associated with the processing and resolution of each DNS query, and store the records in a service log or other database or repository.

FIG. 2B is a block diagram of the environment of FIG. 1 illustrating the processing and resolution of a second DNS query with a second unique network address associated with the service provider. In accordance with one embodiment, at (1), a second client computing device 102 b issues a DNS query for identifying a network address associated with the service provider 104, for example, as represented by a service provider domain “serviceprovider.com”. Illustratively, the second client computing device 102 b, through a browser software application, issues the DNS query to an associated DNS resolver 103, which may or may not be the same DNS resolver associated with the first client computing device 102 a as in FIG. 2A. On behalf of the client computing device 102 b, the associated DNS resolver 103 issues a DNS query for the service provider domain that first results in the identification of a DNS server authoritative to the “.” and the “com” portions of the domain. After partially resolving the domain according to the “.” and “com” portions of the domain, the DNS resolver 103 then issues another DNS query to the DNS service 118 for resolving the “.serviceprovider” portion of the domain.

As illustrated in FIG. 2B, at (2), the DNS service 118 obtains the DNS query and can resolve the DNS query by providing a second unique network address, such as an IP address, of a component for providing the client requested content or service. For example, the DNS service 118 may select an IP address from a pool of IP addresses associated with the Web service 112 that can provide a requested Web page or service. In an alternative embodiment, the DNS server component may also provide alternative identifiers, such as unique canonical names (“CNAMES”) that can be used to refine request routing processing, which would later result in a subsequent DNS query identifying a network address associated with the service provider 104.

As described above, each network address within the pool can be associated with metadata indicating a status or attributes associated with the network address, and the selection of the second unique network address can be based on the metadata. For example, the metadata may indicate whether or when a network address (e.g., the first unique network address as in FIG. 2A) was previously selected for resolving a DNS query, a wait time before a network address can be reused, geographic or network topology preferences or restrictions, content or service types supported, etc. The wait time for reusing any network address in the pool after its previous use can be predetermined or based on client actions directed to the network address after its assignment to the resolution of a previous DNS query. Accordingly, the second unique network address may or may not be the same as the first unique network address as described with reference to FIG. 2A, depending on the availability of other network addresses in the pool and the timing of respective DNS queries as in FIG. 2A and FIG. 2B.

The DNS service 118 may determine a confidence level quantifying the uniqueness of a selected network address to correlate the current DNS query and subsequent communications from a client where the DNS query originated. The confidence level can be a function of pool size, DNS query traffic, network address reuse frequency or other statistics, attributes included in the metadata associated with the selected network address, or information (e.g., a time when the DNS query was issued, a location of the DNS resolver that transmitted the query, associated type of content or service, or the like) associated with the current DNS query. Various statistical models can be employed for generating the confidence level based on the data described above. If the confidence level exceeds a threshold, the DNS service 118 may determine that the selected network address is sufficiently unique and thus may be used to resolve the DNS query.

At (3), based on the selected second unique network address, the DNS service 118 can determine which information to provide to resolve the DNS query. Illustratively, a response to the DNS query may include the selected network address corresponding to a network interface or other component of the service provider 104. Additionally, the returned information can include metadata, such as an expiration time, associated with the network address. The DNS service 118 may transmit the response to the DNS resolver 103, which in turn may forward the DNS resolution information back to the requesting client 102 b. The DNS service 118 may record all the timing, status, events, exceptions, resource consumption, or other performance data associated with the processing and resolution of each DNS query, and store the records in a service log or other database or repository.

FIG. 3 is a block diagram of the environment 100 of FIG. 1 illustrating the correlation between DNS queries and subsequent communications based on unique network addresses. Following respective resolution of DNS queries originated from client computing devices 102, at (1), one or more client computing devices 102 communicate with the Web service 112 of the service provider 104 based on the respective unique network addresses included in the responses to their DNS queries. For example, client 102 a may transmit content or service requests to the Web service 112 by directing the requests to the first unique network address as described with reference to FIG. 2A, and client 102 b may communicate with the Web service 112 via the second unique network address as described with reference to FIG. 2B. The Web service 112 may process the requests and record all the timing, status, events, exceptions, resource consumption, or other performance data associated with the subsequent communications between the service provider 104 and client computing devices 102, and store the records in a service log or other database or repository.

At (2), the service provider 104 correlates DNS queries with subsequent communications based on the unique network addresses. Illustratively, the service provider 104 may obtain the DNS processing records and subsequent communication records and cross link data related to same unique network addresses. In some embodiments, the cross linking of data may take into consideration the reuse timing of network addresses in the pool. For example, communication records associated with a specific network address may need to be separated based on a time when the same network address was reused: communication records prior to the reuse should be cross linked with earlier DNS processing records involving the specific network address prior to the reuse, and should not be cross linked with later DNS processing records concurrent with or after the reuse of the specific network address, because the later DNS processing records are likely related to a DNS query originating from a different client or for a different purpose. After the DNS queries and subsequent communications are correlated, at (3), the service provider 104 may analyze network service performance and user experience using the correlated performance data. For example, the service provider 104 may compute an overall latency associate with a content or service request by adding up times associated with both the processing of a corresponding DNS query and the processing of a corresponding subsequent content or service request.

FIG. 4 is a flow diagram of a DNS query processing and correlation routine implemented by the service provider 104. The routine starts at block 400. At block 402, the service provider 104 determines whether a current pool of available network addresses is sufficient for accommodating incoming DNS queries. Illustratively, the service provider 104 may obtain statistics of historical DNS query traffic as well as trends in recent DNS query traffic, and estimate a volume of incoming DNS queries for future time periods (e.g., 5-minute or 1-hour periods). For example, various statistical modeling or fitting methods (e.g., time series analysis, hidden Markov model, linear regression, etc.) can be employed to perform the estimation. The service provider 104 may then determine whether the size of the pool is large enough to provide a unique network address to each of the incoming DNS queries during the next time period.

As described above, the service provider 104 may also determine a wait time for reusing any network address in a current pool. Accordingly, a pool's capacity for handling incoming DNS query traffic can be a function of the pool size (e.g., the number of distinct network addresses in the pool) and the wait time. For example, the capacity of the pool can be characterized as a maximum processing rate of DNS queries, which can correspond to a ratio between the pool size and the wait time. In some embodiments, the maximum processing rate may be reduced by a safety margin to account for unexpected DNS traffic. The service provider 104 may then compare the capacity of the pool against estimated incoming DNS traffic (e.g., a rate of incoming DNS queries), and determine whether the pool is sufficiently large (e.g., whether the pool capacity exceeds the estimated incoming DNS traffic by a threshold value).

If the service provider 104 determines that the pool is sufficient for handling incoming DNS queries, the routine proceeds to block 406. Otherwise, the routine proceeds to block 404 where the service provider 104 may create a new pool of available network addresses or adjust the current pool (e.g., enlarging the size of the pool by adding more distinct network addresses) so that unique network addresses can be assigned to each of the incoming DNS queries for the next time period. In some embodiments, the service provider 104 may reduce the size of the current pool when its capacity exceeds the estimated incoming DNS traffic by a large margin. For example, the maximum processing rate of the pool may be more than 10 times larger than an estimated rate of incoming DNS queries. In these embodiments, the service provider 104 may release a subset of network addresses from the pool so that they can be utilized for other purposes.

At block 406, the service provider 104 receives a DNS query for identifying one or more network addresses associated with the service provider. For example, the DNS query may include a domain “serviceprovider.com” associated with the service provider. Illustratively, the DNS query was issued by a DNS resolver 103 on behalf of a client computing device 102. At block 408, the service provider 104 selects a unique network address from the network address pool. For example, the service provider 104 may select an IP address from a pool of IP addresses currently associated or associable with the service provider. As described above, the selection may be based on various factors related to the uniqueness of the selected network address.

In some embodiments, each network address within the pool can be associated with metadata indicating a status or attributes associated with the network address, and the selection of the first unique network address can be based on the metadata. For example, the metadata may indicate whether or when a network address was previously selected for resolving a DNS query, a wait time before a network address can be reused, geographic or network topology preferences or restrictions, content or service types supported, etc. The wait time for reusing any network address in the pool after its previous use can be predetermined or based on client actions, such as client content or service requests, directed to the network address after its assignment to the resolution of a previous DNS query.

In some embodiments, the service provider 104 may determine a confidence level quantifying the uniqueness of a selected network address for correlating the current DNS query and subsequent communications from a client where the DNS query originates. The confidence level can be a function of a pool size, DNS query traffic, network address reuse frequency or other statistics, attributes included in the metadata associated with the selected network address, or information associated with the current DNS query. Various statistical models can be employed for generating the confidence level based on the data described above. If the confidence level exceeds a threshold, the DNS service 118 may determine that the selected network address is sufficiently unique for responding to the currently obtained DNS query.

At block 410, the service provider 104 resolves the DNS query based on the selected unique network address. Illustratively, the service provider 104 may determine which information to provide to resolve the DNS query and generate a response accordingly. For example, a response to the DNS query may include the selected network address corresponding to a network interface or other component of the service provider 104. Additionally, the returned information can include metadata, such as an expiration time, associated with the network address. The service provider 104 may transmit the response to the DNS resolver 103, which in turn may forward the DNS resolution information back to the requesting client 102. The service provider 104 may record all the timing, status, events, exceptions, resource consumption, or other performance data associated with the processing and resolution of each DNS query, and store the records in a service log or other database or repository.

At block 412, the service provider 104 receives one or more requests for content or service from a client computing device 102. The requests are directed to the unique network address included in the response transmitted at block 410. Due to the uniqueness of the network address, the client that transmitted the requests and the client that originated the DNS query may correspond to the same device. The likelihood of such correspondence may be bounded by the confidence level as discussed above with respect to block 406. The service provider 104 may process the requests and interact with the client computing device 102 via the unique network address. Similarly, the service provider 104 may record all the timing, status, events, exceptions, resource consumption, or other performance data associated with the request processing, and store the records in a service log or other database or repository.

At block 414, the service provider 104 analyzes service performance by correlating client content or service requests with DNS queries based on the unique network addresses. Illustratively, the service provider 104 may obtain the DNS processing records and subsequent communication records and cross link the data related to a same unique network address. In some embodiments, the cross linking of data may take into consideration the reuse of network addresses in the pool. For example, communication records associated with a specific network address prior to a reuse of the specific network address should not be cross linked with later DNS processing records involving the specific network address after the reuse. After the DNS queries and subsequent communications are correlated, the service provider 104 may analyze service performance and user experience using the correlated performance data. For example, the service provider 104 may compute an overall latency associate with a content or service request by adding up processing times associated with both the corresponding DNS query and the corresponding subsequent content or service requests. The routine of FIG. 4 ends at block 416.

Depending on the embodiment, certain acts, events, or functions of any of the methods described herein can be performed in a different sequence, can be added, merged, or left out altogether (e.g., not all described acts or events are necessary for the practice of the algorithm). Moreover, in certain embodiments, acts or events can be performed concurrently, e.g., through multi-threaded processing, interrupt processing, or multiple processors or processor cores or on other parallel architectures, rather than sequentially.

The various illustrative logical blocks, modules and method elements described in connection with the embodiments disclosed herein can be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the overall system. The described functionality can be implemented in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the disclosure.

The various illustrative logical blocks and modules described in connection with the embodiments disclosed herein can be implemented or performed by a machine, such as a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. A general purpose processor can be a microprocessor, but in the alternative, the processor can be a controller, microcontroller, or state machine, combinations of the same, or the like. A processor can also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.

The elements of a method, process, or algorithm described in connection with the embodiments disclosed herein can be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module can reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM or any other form of computer-readable storage medium known in the art. A storage medium can be coupled to the processor such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium can be integral to the processor. The processor and the storage medium can reside in an ASIC. The ASIC can reside in a user terminal. In the alternative, the processor and the storage medium can reside as discrete components in a user terminal.

Conditional language used herein, such as, among others, “can,” “might,” “may,” “e.g.” and the like, unless specifically stated otherwise, or otherwise understood within the context as used, is generally intended to convey that certain embodiments include, while other embodiments do not include, certain features, elements and/or states. Thus, such conditional language is not generally intended to imply that features, elements and/or states are in any way required for one or more embodiments or that one or more embodiments necessarily include logic for deciding, with or without author input or prompting, whether these features, elements and/or states are included or are to be performed in any particular embodiment. The terms “comprising,” “including,” “having,” “involving” and the like are synonymous and are used inclusively, in an open-ended fashion, and do not exclude additional elements, features, acts, operations and so forth. Also, the term “or” is used in its inclusive sense (and not in its exclusive sense) so that when used, for example, to connect a list of elements, the term “or” means one, some, or all of the elements in the list.

Disjunctive language such as the phrase “at least one of X, Y or Z,” unless specifically stated otherwise, is otherwise understood with the context as used in general to present that an item, term, etc., may be either X, Y or Z, or any combination thereof (e.g., X, Y and/or Z). Thus, such disjunctive language is not generally intended to, and should not, imply that certain embodiments require at least one of X, at least one of Y or at least one of Z to each be present.

Unless otherwise explicitly stated, articles such as “a” or “an” should generally be interpreted to include one or more described items. Accordingly, phrases such as “a device configured to” are intended to include one or more recited devices. Such one or more recited devices can also be collectively configured to carry out the stated recitations. For example, “a processor configured to carry out recitations A, B and C” can include a first processor configured to carry out recitation A working in conjunction with a second processor configured to carry out recitations B and C.

While the above detailed description has shown, described, and pointed out novel features as applied to various embodiments, it will be understood that various omissions, substitutions, and changes in the form and details of the devices or algorithms illustrated can be made without departing from the spirit of the disclosure. As will be recognized, certain embodiments described herein can be embodied within a form that does not provide all of the features and benefits set forth herein, as some features can be used or practiced separately from others. All changes which come within the meaning and range of equivalency of the claims are to be embraced within their scope. 

What is claimed is:
 1. A computer-implemented method for managing domain name system (DNS) queries, the computer-implemented method comprising: under control of one or more computing devices configured with specific computer executable instructions, associating a set of two or more distinct network addresses with a network-based service provider; receiving a first DNS query including an identifier of the network-based service provider, wherein the first DNS query originated from a first client computing device; selecting a first unique network address from the set of two or more distinct network addresses based, at least in part, on the first DNS query; transmitting a first response to the first DNS query, wherein the first response includes the first unique network address; receiving, from an entity different than an entity that transmitted the first DNS query, a request for network resources directed to the first unique network address; correlating the first DNS query with the request for network resources based, at least in part, on the first unique network address such that the first DNS query and the request for network resources are associated; and causing service performance analysis based, at least in part, on the correlation to determine routing or processing improvements.
 2. The method of claim 1, wherein the set of distinct network addresses includes at least one of IPv6 or IPv4 addresses.
 3. The method of claim 1, wherein the first DNS query is received from a DNS resolver associated with the first client computing device.
 4. The method of claim 1, wherein selecting the first unique network address comprises selecting a network address included in a previous response to a previous DNS query, wherein the previous response occurs prior to the first response.
 5. The method of claim 4, wherein selecting the first unique network address further comprises: determining a time that has lapsed since the previous response; and determining a measure of uniqueness of the selected network address based, at least in part, on the lapsed time.
 6. The method of claim 5, wherein determining the measure of uniqueness is further based on a size of the set of the distinct network addresses.
 7. The method of claim 1 further comprising: receiving a second DNS query including the identifier of the service provider; selecting a second unique network address from the set of distinct network addresses based, at least in part, on the second DNS query; and transmitting a second response to the second DNS query, wherein the second response includes the second unique network address.
 8. The method of claim 7, wherein the second unique network address differs from the first unique network address.
 9. The method of claim 8, wherein the second DNS query is received within a wait time period since the receipt of the first DNS query.
 10. The method of claim 7, wherein the first unique network address and the second unique network address correspond to a same network address and wherein the second DNS query is received after a wait time period since the receipt of the first DNS query.
 11. A non-transitory computer readable storage medium storing computer executable instructions that when executed by at least one processor perform operations comprising: obtaining a domain name system (DNS) query including an identifier associated with a service provider, wherein the DNS query originated from a client computing device and is obtained from an entity different than the client computing device; selecting a distinct network address from a set of two or more network addresses associated with the service provider based, at least in part, on the DNS query; causing transmission of the distinct network address in response to the DNS query, wherein the client computing device communicates with the service provider based on the distinct network address; causing correlation between the DNS query and the client computing device's communication with the service provider based, at least in part, on the distinct network address such that the DNS query and the client computing device's communication are associated; and determining routing or processing improvements.
 12. The non-transitory computer readable storage medium of claim 11, wherein the identifier associated with the service provider includes a uniform resource locator (URL).
 13. The non-transitory computer readable storage medium of claim 11, wherein selecting the distinct network address is based, at least in part, on a confidence measure for the correlation.
 14. The non-transitory computer readable storage medium of claim 13, wherein the confidence measure is determined based, at least in part, on a size of the set of network addresses.
 15. The non-transitory computer readable storage medium of claim 11, wherein the operations further comprise adjusting the size of the set of network addresses based on incoming traffic of DNS queries.
 16. A system comprising: at least one data store configured to at least store computer-executable instructions; and at least one processor in communication with the data store that, when executing the computer-executable instructions, cause the system to: obtain a first domain name system (DNS) query including an identifier associated with a service provider, wherein the first DNS query originated from a first client computing device and is obtained from an entity different than the first client computing device; select a first distinct network address from a set of two or more network addresses associated with the service provider based, at least in part, on the first DNS query; cause transmission of the first distinct network address in response to the first DNS query, wherein the first client computing device communicates with the service provider based on the first distinct network address; cause correlation between the first DNS query and the first client computing device's communication with the service provider based, at least in part, on the first distinct network address such that the first DNS query and the first client computing device's communication are associated; and determine routing or processing improvements.
 17. The system of claim 16, wherein the processor is further configured to: obtain a second DNS query including the identifier of the service provider; select a second distinct network address from the set of two or more network addresses associated with the service provider based, at least in part, on the second DNS query; and cause transmission of the second distinct network address in response to the second DNS query, wherein a second client computing device communicates with the service provider based on the second distinct network address.
 18. The system of claim 17, wherein the first DNS query precedes the second DNS query by a predetermined period of time, and wherein the first and second distinct network addresses correspond to a same network address.
 19. The system of claim 18, wherein the predetermined period of time is determined based on statistics of communications between client computing devices and the service provider.
 20. The system of claim 17, wherein the first distinct network address differs from the second distinct network address, and wherein the first and second client computing devices correspond to a same device. 